Opened 9 years ago

Closed 9 years ago

#5804 closed enhancement (fixed)

pandora broke in https-everywhere-2.0.3

Reported by: cypherpunks Owned by: pde
Priority: Low Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version:
Severity: Keywords: pandora
Cc: mrmarshallman@…, graffatcolmingov@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Sorry but wasn't sure how to word this... for the longest time I have been using your add-on(which is great btw) and been using Pandora radio.

Recently I was unable to use Pandora so did some research and found that needed to disable pandora in the add-on or pandora will not work.

windows 7 x64 firefox 12 + https-everywhere-2.0.3.xpi

not sure if this is a bug or what?

thanks for having a great add-on

Child Tickets

Change History (7)

comment:1 Changed 9 years ago by pde

Cc: mrmarshallman@… added

comment:2 Changed 9 years ago by pde

Status: newaccepted

I have contacted Pandora to ask them to look into fixing this.  I can also disable the Pandora ruleset in git, though it will take a while to be released in all branches and propagate to all users.

comment:3 Changed 9 years ago by pde

I got this message back from Pandora.  Disabling the ruleset.

Thanks muchly for writing and for the feedback. We do apologize for the surprise and inconvenience that undoubtedly caused to your users' listening experience.
Regrettably, we are currently unable to detect a user's geographical location when they come in on SSL.  As you may know, we are a US-only service as of yet, and we need to make sure that we can prevent folks to whom we don't have licenses to play from receiving our stream, so this outcome presents a problem for us.
We do plan on moving to decrypt users' SSL traffic on our load balancers, however I'm afraid there's no timeline I could offer you on that.  For now, our engineers request that you do disable the ruleset--we will reach out to you when we have made the change on our end, at which point we will be quite happy for everyone who wishes to arrive via SSL.
We definitely recognize that our actions limit the options available to well-intentioned listeners, and we're genuinely sorry for the inconvenience this brings to our enthusiastic listeners (and to those of you at EFF who are supporting the extension)!
Thanks so much for your understanding, and thanks again for reaching out.

comment:4 Changed 9 years ago by graffatcolmingov

Cc: graffatcolmingov@… added

Perhaps if more HTTPS Everywhere users pester them, we could get them to act faster? Is it safe to assume you simply contacted customer support?

comment:5 Changed 9 years ago by pde

I contacted customer support, but the inquiry was clearly escalated to their engineering department.  The issue with their webservers not seeing IPs because they are swallowed by the load balancers sounds real to me.  I wrote back to them suggesting an ugly client-side JS hack that could fix this quickly, but really it's up to them to decide how high a priority this is.  There are probably a lot of other sites that deserve pestering from HTTPS Everywhere users before Pandora.

comment:6 Changed 9 years ago by graffatcolmingov

I agree about there being far more rulesets that are more important than this. Maybe we should start to put together a file with contact information for those websites? Possibly open a separate ticket for people to add rulesets to?

comment:7 Changed 9 years ago by pde

Resolution: fixed
Status: acceptedclosed

The fix for this shipped in 2.0.5 and 3.0development.3

Note: See TracTickets for help on using tickets.